File size 23.8 kB (23,784 bytes), it is sepolicy-update-2019.1-1.x86_64.rpm. The server has the address 35.200.224.211, the client behind NAT has the address 192.168.1.2. We first observe the packets captured during the communication between the client and server that successfully transferring the file, using wireshark The file sepolicy-update-2019.1-1.x86_64.rpm is uploaded to the FTP server in passive … Đọc tiếp An unsuccessful small file transfer experience!

Adding constraints to the rules - practice In this article we will practice modifying the constraint in the base module for the myapp_se program. First you take the type myapp_se_tmp_t into the mcs_constrained_type group, add the following statements to myapp_se.te file: require { attribute mcs_constrained_type; }typeattribute myapp_se_tmp_t mcs_constrained_type; Then rebuild and reinstall the module myapp_se.Next … Đọc tiếp SELinux with omarine policy: An in-depth look at the security policy – secure program with its own domain: Part 8

Adding constraints to the rules We already know that root can read the temp files of the myapp program (or myapp_se) That's because there are rules that allow the root user to read the files.If you want, you can add a constraint condition to disable the rules, so that root cannot read the files.When you … Đọc tiếp SELinux with omarine policy: An in-depth look at the security policy – secure program with its own domain: Part 7